Specify an error page for Identity Provider, SAML, or SSO

You can specify an error page where users are redirected if Okta fails to process a social IdP login, inbound SAML assertion, or IWA SSO token. This part of configuring inbound SAML is optional.

Before you begin

Complete these tasks before you specify an error page:

Start this task

  1. In the Admin Console, go to Security > Identity Providers.
  2. Click the gear icon next to Add Identity Provider.
  3. Configure the following settings.
    • Use the default Okta error page: This setting redirects users to the default Okta error page.

    • Use a custom error page: This setting redirects users to the fully qualified URL of your custom error page. This option is useful if you embed Okta into your solution and you want to control end-to-end branding to enhance the end-user experience. The custom error page you specify applies to all IdP and IWA users in your organization.

  4. Click Save.

The custom error page setting doesn't apply to sign-in failures caused by an unknown user or a JIT failure. In these cases, users are redirected to their Okta sign-in page.